More than two years after the attack on the Ashley Madison site, and one year after AdultFriendFinder, computer security researchers have managed to hack several dating apps like Tinder, Bumble, OKCupid, Happn or Badoo.
On Monday, cybersecurity researchers from Kaspersky Lab released the results of their research on securing data on mobile dating apps. They looked at nine of the most popular services like Tinder, Bumble or Happn for Android and iOS, and were able to access several types of user information. To do this, researchers have tested various flaws to see how these applications, particularly sensitive content, are protected. Of course, these flaws and security holes are not unique to dating applications, but they are all the more problematic as these applications are intimate.
The study reveals that of the nine applications tested, six of them do not sufficiently secure the messages on Android, which can be accessed directly by simply rooting the smartphone. In addition, five applications do not use the HTTPS protocol to transmit data, which can be intercepted by someone connected to the same Wi-Fi network if it is not secure enough. It can be messages as well as photos or profiles viewed by the user. Finally, six of the nine applications tested make it possible to determine, with more or less patience, the location of a user. A concern that had already been noted about Tinder in 2014. Although the application has since corrected the flaw, it does not seem fully immune to geolocation possible between its users.
Kaspersky Lab researchers are nevertheless reassuring about the results observed in their study and give some advice to users: "Our universal advice is to avoid public Wi-Fi access points, especially those that are not protected by a password, use a VPN and install a security solution on your smartphone. "
0 comments:
Post a Comment